VYPR
Unrated severityNVD Advisory· Published Apr 9, 2009· Updated Jun 16, 2026

CVE-2009-1144

CVE-2009-1144

Description

Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
    • cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
  • File Project/Xpdfllm-create
    Range: <3.02-r2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.